Tony Dodd wrote: > Daniel Rose wrote: >> SQUID (linux kernel 2.6.18.xxx) Sends a spoofed ACK 'from' WWWHOST to >> CLIENT. >> >> The spoofed ACK never arrives at the CLIENT. CLIENT just sends 3 SYNs >> and times out. I assume it's dropped by the firewall, but I can't get >> 'debug ip packet' or similar commands to work on the ASA 5520 to >> verify this, but it's pretty clear since it never arrives on the >> client (I used wireshark). >> > > Have you tried turning up the logging level and seeing what the asa is > doing? My money is on it dropping your packets. > Confirmed by your logging suggestion. -- Daniel Rose National Library of Australia